Saturday, December 22, 2012


Worms and viruses spread by exploiting bugs present in operating systems and application programs, so to keep out such potentially harmful traffic we use Firewalls.

Firewall acts as a SECURITY GUARD, or SECURITY WALL between an internal network of a company and the outside Internet.

A firewall blocks traffic unless that traffic is specifically allowed to pass through. For example, it might filter
out all incoming messages except those addresses to a particular set of IP addresses or to particular TCP port numbers. Firewall is useful if you do not want external users to access a particular host or service within your organization. A firewall may also impose restrictions  on outgoing traffic to prevent certain attacks and to limit losses if an adversary succeeds in getting access inside the firewall. 

Firewalls may be used to create multiple zones of trust, such as a hierarchy of increasingly trusted zones. A common arrangement involves three zones of trust: the internal network, the DMZ (“demilitarized zone”); and
the rest of the Internet. The DMZ is used to hold services such as DNS and email servers that need to be accessible to the outside. Both the internal network and the outside world can access the DMZ, but hosts in the DMZ cannot access the internal network; therefore, an adversary who succeeds in compromising a host in the exposed DMZ still cannot access the internal network.

Firewalls filter based on IP, TCP, and UDP information, among other things. Firewalls make use of level 4 port numbers, in addition to level 3 host addresses, for making decisions on forwarding and filtering. For this
reason network layer firewalls are sometimes called level 4 switches.

Computer Networks: Peterson and Davie

No comments:

Post a Comment